[ubuntu/bionic-security] python3.6 3.6.9-1~18.04ubuntu1.7 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Mon Mar 28 09:37:51 UTC 2022
python3.6 (3.6.9-1~18.04ubuntu1.7) bionic-security; urgency=medium
* SECURITY UPDATE: Expose sensitive information
- debian/patches/CVE-2021-3426.patch: remove pydoc getfile feature
in Lib/pydoc.py, Lib/test/test_pydoc.py.
- CVE-2021-3426
* SECURITY UPDATE: Expose sensitive information
- debian/patches/CVE-2021-4189.patch: alters ftplib.FTP class
behavior to not trust the IPv4 address sent from the remote
server when setting up a passive data channel in
resposne in Lib/ftplib.py, Lib/test/test_ftplib.py.
- CVE-2021-4189
* SECURITY UPDATE: Injection Attack
- debian/patches/CVE-2022-0391.patch: sanitize urls in urllib.parse
when it containing ASCII newline and tabs in
Doc/library/urllib.parse.rst, Lib/test/test_urlparse.py,
Lib/urllib/parse.py.
- CVE-2022-0391
Date: 2022-03-15 19:28:10.155910+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Maintainer: Matthias Klose <doko at ubuntu.com>
https://launchpad.net/ubuntu/+source/python3.6/3.6.9-1~18.04ubuntu1.7
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list